General
-
Target
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e
-
Size
426KB
-
Sample
241115-aebznswapd
-
MD5
37d6d85e063ae1252a2c956e51d0294f
-
SHA1
1e663a5a1995e63f4ad1413cf408f46793165cbf
-
SHA256
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e
-
SHA512
5d0392d68754d114044cc9ad0392459d893743896307a5533eb6ee8766081c556aad18c7fd0df2a7d7a05192e7149d6518149f99c5af111a1bb475b7dbf6551b
-
SSDEEP
12288:41HMxOm2kAe/vPTecnAmFyCfyqbsT81u03:Gs9nn1Isyb0
Static task
static1
Behavioral task
behavioral1
Sample
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
norm
77.91.124.145:4125
-
auth_value
1514e6c0ec3d10a36f68f61b206f5759
Targets
-
-
Target
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e
-
Size
426KB
-
MD5
37d6d85e063ae1252a2c956e51d0294f
-
SHA1
1e663a5a1995e63f4ad1413cf408f46793165cbf
-
SHA256
8d71cc59a2b5a03906faf33065cf41d4544b67d0578fe891c80c42fc74be358e
-
SHA512
5d0392d68754d114044cc9ad0392459d893743896307a5533eb6ee8766081c556aad18c7fd0df2a7d7a05192e7149d6518149f99c5af111a1bb475b7dbf6551b
-
SSDEEP
12288:41HMxOm2kAe/vPTecnAmFyCfyqbsT81u03:Gs9nn1Isyb0
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-